Mask password from debug print in log collector
Changes:
- Add logic to mask the secret password.
Change-Id: I2cf3ec2f8e385e63eb78a005d2d584756b0074d2
Signed-off-by: George Keishing <gkeishin@in.ibm.com>
diff --git a/ffdc/ffdc_collector.py b/ffdc/ffdc_collector.py
index 98ae49b..034948f 100644
--- a/ffdc/ffdc_collector.py
+++ b/ffdc/ffdc_collector.py
@@ -5,6 +5,7 @@
"""
import os
+import re
import sys
import yaml
import json
@@ -127,7 +128,16 @@
self.env_dict['hostname'] = self.hostname
self.env_dict['username'] = self.username
self.env_dict['password'] = self.password
- self.logger.info(json.dumps(self.env_dict, indent=8, sort_keys=True))
+ # This to mask the password from displaying on the console.
+ mask_dict = self.env_dict.copy()
+ for k, v in mask_dict.items():
+ if k.lower().find("password") != -1:
+ hidden_text = []
+ hidden_text.append(v)
+ password_regex = '(' +\
+ '|'.join([re.escape(x) for x in hidden_text]) + ')'
+ mask_dict[k] = re.sub(password_regex, "********", v)
+ self.logger.info(json.dumps(mask_dict, indent=8, sort_keys=True))
def verify_script_env(self):